package com.zhangyj.impl.actions;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpSession;

import com.zhangyj.BoastException;
import com.zhangyj.LocalMessage;
import com.zhangyj.action.AbstractAction;
import com.zhangyj.action.RequestAction;
import com.zhangyj.action.RequestMethod;
import com.zhangyj.data.tables.BUser;
import com.zhangyj.db.DBUtil;
import com.zhangyj.impl.UserContext;
import com.zhangyj.util.AlgorithmUtil;
import com.zhangyj.util.Tools;
@RequestAction(name="login",defaultAction="login")
public class LoginAction extends AbstractAction {
	private static final long serialVersionUID = 7137336654168543784L;
	private String secess = "work.index";
	private String loginout = "work.loginout";
	public LoginAction() {

	}

	@RequestMethod(name="out")
	public String loginOut() throws ServletException, IOException {
		request.getSession().removeAttribute(UserContext.key);
		Cookie cs[] = request.getCookies();
		for (int i = 0; i < cs.length;i++) {
			Cookie c = cs[i];
			if (c.getName().equals("_ssid")) {
				c.setMaxAge(0);
				response.addCookie(c);
				break;
			}
		}
		return loginout;
	}
	@RequestMethod(name="login")
	public String login() throws ServletException, IOException {
		String lgnName = request.getParameter("loginname");
		if (lgnName == null) {
			return tologinPage();
		}
		
		request.setAttribute("loginname", lgnName);
		String password = request.getParameter("password");

		String validateCode = request.getParameter("validatecode");
		HttpSession session = request.getSession();

		String sessionValiCode = (String) session.getAttribute(Tools.VALIDATE_KEY);
		if (validateCode == null || !validateCode.equalsIgnoreCase(sessionValiCode)) {

			request.setAttribute("error", LocalMessage.get("error.validatecode"));
			return tologinPage();

		}
		if (lgnName == null || lgnName.isEmpty()) {
			request.setAttribute("error", LocalMessage.get("error.isnotnull", new String[] { LocalMessage.get("username") }));
			return tologinPage();

		}
		try {
			BUser buser = DBUtil.queryOne(" select     *    from b_user  where lgnname=?", BUser.class,lgnName);
			password = AlgorithmUtil.md5Digest(AlgorithmUtil.desEncrypt(password.getBytes(), AlgorithmUtil.fieldDesKey));
			if (buser != null && buser.getUserPassword() != null && buser.getUserPassword().equals(password)) {
				//TODO 企业Id
				UserContext userContext = new UserContext(buser.getUserId(),buser.getLgnname(), buser.getUsername(),1);
				UserContext.setUserContext(request, userContext);
			} else {
				request.setAttribute("error", LocalMessage.get("error.loginFail"));
				return tologinPage();
			}
		} catch (Exception e) {
			throw new ServletException(e);
		} finally {
		}
		String returnPath = getParameter( "returnPath", "");
		if (returnPath.length() >0) {
			return returnPath;
		}
		String ssid = AlgorithmUtil.desEncryptToString(lgnName.getBytes(), AlgorithmUtil.fieldDesKey);
		Cookie c = new Cookie("_ssid", ssid);
		c.setPath("/");
		c.setMaxAge(-1);
		response.addCookie(c);
		return this.secess;
	}

	public String tologinPage() throws BoastException {
		String returnPath = getParameter( "returnPath", "");
		request.setAttribute("returnPath", returnPath);
		return "/login.jsp";
	}
}
